16

What can be the maximum acceptable expiry-time value of Javascript persistence cookie?

BartoszKP
  • 34,786
  • 15
  • 102
  • 130
Jeevi
  • 2,962
  • 6
  • 39
  • 60
  • 4
    I don't think that is possible. Just choose any arbitrarily large value of time long enough to make sure your users are dead by that time...;) – Shashank Kadne Apr 26 '12 at 06:43
  • @ShashankKadne : Yes.. i'm also thinking the same.. can that be 100yrs from now? is that acceptable? – Jeevi Apr 26 '12 at 07:09
  • Why not? Set it as "8640000" for 100 days. It should be in seconds. – Shashank Kadne Apr 26 '12 at 07:45
  • @ShashankKadne No need to make it so far. Any time after the apocalypse should do fine too. – enchance Jun 27 '21 at 11:29
  • Somebody actually answered this question [elsewhere](https://stackoverflow.com/a/22479460/1255289). The max value is 2^32 - 1, or about 136 years, but safer to keep it before 2038 to avoid rollover on the UNIX timestamp value. – miken32 Feb 20 '22 at 17:32

3 Answers3

5

Read : Expires and Max-Age of Cookies

Life time of the javascript cookies is depend on what amount of time you set when creating cookies for example following set the life time of 10 minutes 

expiry = new Date();   
expiry.setTime(date.getTime()+(10*60*1000)); 
// Ten minutes   
 // Date()'s toGMTSting() method will format the date correctly for a cookie   
document.cookie = "visited=yes; expires=" + expiry.toGMTString();

there is no way that you can set the life time coookie...i.e cookie with no expiration

Pranay Rana
  • 175,020
  • 35
  • 237
  • 263
  • 3
    Hi,, thanks... my question is,what is the maximum value with which the (10*60*1000) can be replaced? – Jeevi Apr 26 '12 at 07:07
  • i m not sure but the integer max is the maixumum value ...i thin you can google it out – Pranay Rana Apr 26 '12 at 07:08
  • 2
    There's a bug in your code, 'expiry.setTime(date.getTime()+(10*60*1000));' should be 'expiry.setTime(expiry.getTime()+(365*24*60*60*1000));' – Paul Nelligan Dec 04 '15 at 13:28
  • 7
    I'm surprised this answer is marked as accepted, even if it was the only answer at the time, since the author of the question clearly states that it does not answer the question. And it is so inappropriate to be calling people stupid on here. People should not need to read your referenced sources in order to understand your answer. – maurice May 31 '16 at 21:06
3

Forever cookie: Possible if you re-write the cookie every time you read it, setting the expire date to some ridiculous date in the future eg: 10 yrs hence.

For that to not be forever you are assuming the web page will not be read for more than 10 years, in which case what's the point. You think we will still be using cookies in 10 yrs :-)

Plus a cookie longevity is only as long as the hardware its stored on. Will you be using the same hardware in 10 yrs?

Note: read cookie then immediately write same cookie I found was problematic on some computers (reason unknown). Fix was embed the write cookie in a timeout:

var x=getCookie('mycookie');
setTimeout('saveCookie("mycookie", x)',1000)

getCookie and saveCookie being functions you have to create in this example, and saveCookie function sets cookie life at 10 yrs

At the speed of technology evolution, that's 'forever' :-)

v.k.
  • 2,826
  • 2
  • 20
  • 29
Mike Scott
  • 101
  • 1
  • 4
  • ```Plus a cookie longevity is only as long as the hardware its stored on. Will you be using the same hardware in 10 yrs?``` - i'm storing it on AWS Aurora, the underlying hardware isn't important, but at this point it's expected that i'm still using AWS Aurora in 10 years.. or at least the project i'm working on probably will (has been running Aurora since 2016) – hanshenrik Feb 04 '21 at 10:32
  • apologies for necroposting, but yes, we are indeed still using cookies (no quite 10 years thou, but we're getting there) – TopchetoEU Jul 22 '23 at 08:39
0

Using the maximum milliseconds-since-the-epoch value, an expiry date can be generated which represents the "longest possible time" for a cookie to be kept alive.

var key = 'foo';
var value = 'bar';
var expiryDate = new Date(8640000000000000).toUTCString();
var cookie = `${key}=${value};expires=${expiryDate}`;
console.log(cookie);
spacefluff432
  • 566
  • 3
  • 13